Understand AML Requirements in 2025: Fiat, Digital Assets & Crypto AssetsThe Anti-Money Laundering framework in Europe is entering a new phase, requiring professionals across the financial sector to address risks that go beyond traditional fiat transactions. Institutions are now expected to implement AML controls for digital and crypto assets with the same rigour applied to conventional financial products. This shift reflects the growing importance of emerging technologies, tokenised value transfers, and decentralised platforms, all of which present new challenges for AML compliance teams. At the same time, developments at the European level, including the introduction of the MiCA regulation and the establishment of the Anti-Money Laundering Authority, have raised expectations and brought greater consistency across member states.
Institutions operating in Cyprus are directly affected by this expansion. Entities supervised by CySEC, the Central Bank of Cyprus, the Institute of Certified Public Accountants of Cyprus, and the Cyprus Bar Association must now enhance their AML frameworks to address the evolving nature of financial crime. As the scope of services expands to include crypto wallets, decentralised exchanges, cross-border transfers, and complex digital onboarding channels, it becomes essential for AML professionals to stay informed and confident in applying new rules and controls.
In this blog post, Loukia Matsia, the Regulatory Compliance Manager at SALVUS Funds and instructor of this specialised training, outlines how AML compliance obligations are developing in 2025 for a wide range of financial institutions. These developments are not limited to traditional banks and investment firms. They now equally apply to Crypto Asset Service Providers, Electronic Money Institutions, and Payment Institutions, all of which must manage AML risks associated with digital and crypto asset flows. As regulatory expectations rise, professionals across these sectors are required to strengthen their internal controls, enhance their understanding of evolving AML frameworks, and apply risk-based measures that are fit for both traditional and emerging financial products.
Why this matters in 2025
AML obligations in 2025 reflect a broader effort to secure the financial system against illicit activity that exploits technological innovation. With financial crime threats now extending to blockchain transactions, anonymous wallets, tokenised instruments, and non-traditional delivery channels, compliance officers must be prepared to manage risk across new dimensions. National supervisors and EU-level authorities are reinforcing this shift, requiring regulated entities to treat digital and crypto services with the same seriousness as fiat-based products. Institutions that fail to integrate these developments into their compliance frameworks risk falling short of both legal and supervisory expectations.
Aligning with the Cyprus National Risk Assessment
The Cyprus National Risk Assessment is a central point of reference for understanding the AML threats and vulnerabilities faced by the financial sector. The course explains how the 2018 and 2021 assessments categorised each sector’s exposure to money laundering and terrorist financing risks. Special attention is given to the treatment of Crypto Asset Service Providers, which were explicitly included in the 2021 assessment and ranked as high-risk due to their exposure to anonymous and cross-border activity. Professionals are shown how to incorporate the findings of the National Risk Assessment into their internal procedures and how to justify the application of simplified, standard, or enhanced due diligence using national risk insights.
AML obligations for fiat, digital and crypto assets
The course introduces the differences between fiat currency, digital assets, and crypto assets. These distinctions are essential for understanding how AML obligations apply in practice. Fiat currency remains the base of most regulated activity, but the inclusion of digital and crypto assets brings new features such as decentralisation, volatility, and pseudonymity. The course provides clear definitions of each asset class and explains how different characteristics can influence customer due diligence, transaction monitoring, and internal risk scoring. Understanding these differences is essential for tailoring AML controls to the specific risks presented by each asset type.
Applying the risk-based approach
The course provides practical guidance on how to apply the risk-based approach in financial institutions. Participants are shown how to evaluate customer profiles, delivery channels, geographic exposure, and product-specific features to develop a meaningful risk score. This score determines the level of due diligence to be applied and forms the basis for monitoring expectations. Institutions are reminded that a documented and justifiable approach to risk classification is essential for satisfying supervisory authorities and for applying AML measures that are proportional to the risks encountered.
Customer due diligence and AML monitoring
With the growth of digital and crypto assets, AML professionals must apply customer due diligence procedures that go beyond identity verification. The course introduces the concepts of Know Your Customer, Know Your Transaction, and Know Your Wallet. Participants are guided through the process of collecting and verifying customer data, monitoring transactional behaviour, and assessing wallet ownership and transaction history. The training shows how these elements work together to detect high-risk activity, identify red flags, and respond to unusual patterns of behaviour.
Reporting suspicious transactions
The final section of the course addresses the process of reporting suspicious transactions. Participants are taught how to identify activity that may give rise to suspicion, how to escalate concerns internally, and how to prepare a report to MOKAS through the GoAML platform. The distinction between internal suspicion reports and formal suspicious transaction reports is explained, along with the obligations of the AML Compliance Officer in managing this process. The course includes real-world examples of red flags and typologies involving both fiat and crypto activity, helping professionals build confidence in meeting this critical regulatory obligation.
What is covered in the course
The course includes the following material:
- Fiat currency, digital assets and crypto assets
- Money laundering and terrorist financing
- The AML regulatory framework
- Cyprus National Risk Assessment from 2018 and 2021
- Assessing and managing risks using the risk-based approach
- Customer due diligence, KYC, KYT, and KYW
- Suspicious transaction reports
- Course test and certification
Who should attend and what you will gain
This course is designed for professionals working in Cyprus Investment Firms, Crypto Asset Service Providers, Electronic Money Institutions, Payment Institutions, and other entities supervised by CySEC, the Central Bank of Cyprus, the Institute of Certified Public Accountants of Cyprus, or the Cyprus Bar Association. It is particularly relevant for AML compliance officers, internal auditors, legal professionals, and managers responsible for regulatory compliance. Upon completion of the course, participants will be equipped with the knowledge to enhance AML policies and procedures, apply updated compliance measures across fiat and crypto channels, and meet the evolving expectations of both national and European supervisory bodies.
Course delivery and certification
The course is delivered online through the IforPE platform. It includes recorded video lectures, downloadable course materials, a test with ten questions, and a certificate of completion. Participants who successfully complete the course receive 5 CPD hours, which can be applied toward CySEC Advanced, Basic, and AML certification renewal requirements.
